Senior Cyber Security Analyst

**Duties and Responsibilities**
- Monitor, analyse, and detect Cyber events and incidents within information systems and networks.
- Consult on integrated, dynamic Cyber defence and leverage Cybersecurity solutions
- Administer Cybersecurity operational services, including intrusion detection and prevention, situational awareness of:

- o network intrusions;
- security events;
- data spillage; and
- Incident response actions.
- Participate in testing, deploying, and administering the infrastructure hardware and software which are required to effectively manage the organization's Cybersecurity operational services.
- Provide daily operational effectiveness reporting to CISO
- Conduct internal and external security audits, providing recommendations to close any potential gaps within the process and or system Anticipate security alerts, incidents and disasters and reduce their likelihood
- Monitor network, intrusion detection and prevention systems for security breaches and investigate a violation when one occurs
- Analyse security breaches to determine their root cause providing one's findings and recommendations to the Head of the Department
- Prepare reports that document security breaches and the extent of the damage caused by the breaches
- Establishes system controls by developing framework for controls and levels of access; recommending improvements.
- Drafts procedures and or policies with regards to cyber security submitting them to the Head of Department for review and authorisation
- Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
- Develops security awareness by providing orientation, educational programs, and on-going communication.
- Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Research the latest information technology (IT) security trends to ensure remains relevant and protected
- Provide input into developing information security standards and best practices for their organization
- Recommend security enhancements to management or senior IT staff
- Help computer users when they need to install or learn about new security products and procedures
- Identify and respond to threats to meet or exceed defined SLAs, escalating where need be.
See incident through to resolution and document the event.
- Ensure compliance with established security configuration standards and best practices.
- Maintain, manage and upgrade agent-based security tools.
- Create and maintain appropriate standard operating procedures for the Cyber Security, including business continuity plans.
- Work closely with key stakeholders to ensure operational readiness for cyber security technologies.
- Work closely with other teams to design, architect, consult and implement security solutions.
- Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction
- Execute tasks related to the planning and implementation of new or upgraded security controls.

**Qualification required**:

- Matric or equivalent
- Bachelor's degree in Information Security or similar;
- Industry certifications such as CISSP, SANS/GIAC: GSEC, GCIH, GFCA, GCFE, GCIA; EC-Council: CEH, ECIH, CHFI, ECSA; Security+; Tenable: TCNU, TCNA, TCSE are preferred

***

**Experience required**:

- 5 years of experience in Cybersecurity, engineering, or security vulnerability remediation

**Knowledge and skills required**:

- Strong troubleshooting, reasoning, problem solving
- Demonstrated ability to write clear and concise technical documentation
- Ability to multi-task and change priorities with short notice
- High standard of professionalism and ethics
- Strong influencing and persuasion skills
- In-depth knowledge of MS Azure security platform (MS Intune / DRM / O365 Security)
- In-depth knowledge of Firewalls and Malicious Code Defence including APT; Knowledge of Cybersecurity technical assessments, standards, tools, and processes
- Extensive knowledge of Cybersecurity tools, processes, and methodologies